Security Service - Zyxel Community

Why are the Host Name and MAC Address in the downloaded History Data incorrect?
Question : When the user downloads the History Data from SecuReporter, they will notice that the host name and MAC address are incorrect. Why are the host Name and MAC Address in the downloaded History Data incorrect? Answer : The user needs to export the personal data to find the corresponding host name and MAC address.…
[ATP/FLEX]How to configure a whitelist to allow access to specific websites?
Question: How to configure a whitelist to allow access to specific websites? Answer: If a website is blocked by a configured Content Filter category and you still want to allow access to the website, you can add the website to the "Allow Website" list in the Content Filter profile. The format supports both full URLs and…
How to block peer-to-peer download on Nebula Firewall?
Question: How to block peer-to-peer download on Nebula Firewall? Answer: Go to Site-wide > Configuration > Firewall > Security Service > Application Patrol, create a profile like this: Then go to Site-wide >Configure > Firewall > Security policy, and apply the app patrol profile to a rule
[ATP/FLEX]How to allow traffic from a specific country only on Nebula?
Question: I would like to allow traffic from specific countries to the Intranet only. How do I configure this on Nebula? Answer: You can configure the country name (GeoIP) in the Security Policy rule to allow traffic to your Intranet. The firewall will then only allow traffic from the selected countries. Since the default…
What are the default security service settings for the Firewall in Nebula?
Question: What are the default security service settings for the Firewall in Nebula? Answer: By default, all security services are enabled while Gold/UTM license is deployed.
How do I allow more sessions per host?
Here’s what you can do: Navigate to Configure > Firewall > Security policy > Session Control Adjust the Session per Host and click Save button.
How to allow traffic to ZyWALL on Nebula Firewall
Question: How to allow traffic to ZyWALL on Nebula Firewall Answer: You can create a policy route and put "Device" as Destination We strongly recommend DO NOT DO THIS. If you do this, please limit the source IP.
How to clean the Content Filter's cache by the CLI ?
Scenario : The user may encounter a situation where the Content Filter is not working (for example, a website that should be blocked is accessible) due to a caching issue. This article will guide you on how to resolve it. Answer : STEP1. Please log in to the firewall via console or SSH and enter the command below to clear…
Why does an SF_CB_IP-related security policy appear in the event log?
Question : Why is there an SF_CB_IP-related security policy event log? For instance, the source IP 10.10.123.33 was blocked by the security policy"SF_CB_10.10.123.33". However, there is no security policy called "SF_CB_10.10.123.33". Answer : The event log message 'SF_CB' stands for Security Firewall_Client Block. The…
How to check historically suspicious IP addresses using the Country Map in Secureporter?
Question: The Nebula firewall may detect some security-related events, and users may want to check historically suspicious source IPs using the Country Map feature in Secureporter. This article will guide you on how to do that. Answer : The Nebula user can select the SecuReporter icon to be redirected to the SecuReporter…
[ATP/FLEX] How to update Domain and URL category for a website?
Question: An URL is not classified in the correct category. How to update Domain and URL category for a website? Answer: If you think the category is incorrect, visit the link to submit a request to review it. http://sitereview2.cloud.zyxel.com/
Can I get a complete list of URLs registered in the Content Filter category of Nebula?
Question: Can I get a complete list of URLs registered in the Content Filter category of Nebula? Answer: Because the list of categorized URLs changes over time, it is hard to obtain the full database content directly. However, you can still query individual URLs in Nebula to check their category.
Is there an info of cpu&usage on nebula for SCR 50AXE & USG LITE 60AX
The SCR 50AXE and USG LITE 60AX do not support displaying CPU and usage information on Nebula
[ATP/FLEX] Does the Allow list of Anti-Malware support MD5 hash values in the Nebula firewall?
Question : Does the Allow list of Anti-Malware support MD5 hash values in the Nebula firewall? Answer : Yes, in addition to file names, the Allow list of Anti-Malware also supports MD5 hash values in the Nebula firewall. For example, the user can add both the file name and the hash value to the Allow list, as shown below:
[ATP/FLEX] How to avoid false positive detection by Anti-Malware in the Nebula firewall?
Scenario : If a user encounters a false positive detection by Anti-Malware in the Nebula firewall, how can this be avoided? Answer : For instance, if a user downloads a file called 'office.exe' but it fails due to being blocked by Anti-Malware (the user can find the blocked log message under Site-wide > Monitor > Firewall…
[ATP/FLEX] Why the firewall rule set to WAN to Any,but cannot block Geo IP to establish VPN?
Question : Why is the firewall rule set to WAN to Any, but it cannot block Geo IP from establishing a VPN, as shown below? Answer : Because the direction 'Any' doesn't include 'Device', the VPN traffic (UDP 500 and 4500) will still be passed to the firewall normally and won't be dropped by the security. To avoid this,…
[ATP/FLEX] How to check the IP belongs to which country by CLI?
Scenario : The user can use the CLI to check which country an IP address belongs to. This FAQ will guide you on how to perform this check. Answer : Please login to the device via SSH or console serial cable and issue the CLI command "show geo-ip geography address IP address". For instance, we issued the CLI command "show…
[ATP/FLEX]How can I allow Geo-IP to access the internal client via NAT?
Scenario : If the user wants to allow Geo-IP to access the internal client via NAT, how should it be configured? Answer : First, please navigate to Site-Wide > Configure > Firewall > NAT to add a NAT rule. Second, please navigate to Site-wide > Configure > Firewall > Security policy to add a security policy to allow the…
[ATP/FLEX]How can I block VPN services on Nebula firewall?
Scenario : If the user wants to block the VPN services on Nebula firewall? How to configure it? Answer : Please navigate to Site-wide > Configure > Firewall > Security policy to add a security policy to deny traffic from any source to the device for UDP 500 and UDP 4500 ports.
[ATP/FLEX] Is it possible for users to bypass the content filter?
Scenario : If the user creates a security policy that applies the Content Filter but still wants to allow a specific user to bypass the Content Filter's detection, how can this be configured? Answer : Please navigate to Site-wide > Configure > Firewall > Security service > IP Exception to add the specific source IP to…

Welcome!

It looks like you're new here. Sign in or register to get started.